Ejemplo n.º 1
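        /// <summary>
        /// Checks the e-mail/password pair in <paramref name="model"/> and, on success,
        /// returns a JWT together with the user's e-mail, roles and (when positive) company id.
        /// </summary>
        /// <param name="model">Credentials posted in the request body.</param>
        /// <returns>
        /// 200 with a <c>LoginReturnModel</c> on success; 401 with no body for a missing
        /// payload, an unknown e-mail, an account without a password hash, or a wrong password.
        /// </returns>
        public async Task<IActionResult> CreateToken([FromBody] LoginModel model)
        {
            // A missing body or field is answered like any other failed login instead of
            // reaching the user lookup with a null argument.
            if (model == null || string.IsNullOrEmpty(model.Email) || string.IsNullOrEmpty(model.Password))
            {
                return Unauthorized();
            }

            var user = await _userManager.FindByEmailAsync(model.Email);

            // Unknown e-mail and wrong password deliberately produce the same bare 401, so the
            // response body does not reveal which accounts exist.
            if (user == null || user.PasswordHash == null)
            {
                return Unauthorized();
            }

            // Only an outright Failed result rejects the login. Comparing against Success, as
            // before, also rejected SuccessRehashNeeded, i.e. a correct password whose stored
            // hash uses an older format.
            var verification = _passwordHasher.VerifyHashedPassword(user, user.PasswordHash, model.Password);
            if (verification == PasswordVerificationResult.Failed)
            {
                return Unauthorized();
            }

            // NOTE(review): nothing in this method counts failed attempts or checks lockout state;
            // confirm that password guessing against this endpoint is throttled elsewhere.
            var token = await CreateJwtToken(user);

            var returnModel = new LoginReturnModel
            {
                Email = user.Email,
                Role  = await _userManager.GetRolesAsync(user),
                Token = token
            };

            if (user.CompanyId > 0)
            {
                returnModel.CompanyId = user.CompanyId;
            }

            return Ok(returnModel);
        }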
Ejemplo n.º 2
        /// <summary>
        /// Signs the user in with the posted e-mail and password and reports the outcome in a
        /// <c>LoginReturnModel</c>.
        /// </summary>
        /// <param name="model">Posted credentials and the "remember me" choice.</param>
        /// <param name="returnUrl">Stored in <c>ViewData["ReturnUrl"]</c>; not otherwise used here.</param>
        /// <returns>
        /// The model with <c>status</c> = 1 and <c>user1</c> set on success, <c>status</c> = 0 when
        /// the sign-in fails, or a freshly constructed model when model validation fails.
        /// </returns>
        public async Task<object> Login([FromBody] LoginViewModel model, string returnUrl = null)
        {
            var response = new LoginReturnModel();
            ViewData["ReturnUrl"] = returnUrl;

            if (!ModelState.IsValid)
            {
                return response;
            }

            // lockoutOnFailure is false, so failed attempts are not counted towards account
            // lockout. NOTE(review): unless guessing is throttled elsewhere, pass
            // lockoutOnFailure: true so repeated failures lock the account.
            var signIn = await _signInManager.PasswordSignInAsync(
                model.Email, model.Password, model.RememberMe, lockoutOnFailure: false);

            if (!signIn.Succeeded)
            {
                response.status = 0;
                return response;
            }

            var signedInUser = await _userManager.FindByEmailAsync(model.Email);

            _logger.LogInformation("User logged in.");

            response.status = 1;
            // NOTE(review): the whole user entity is handed back to the caller. If this is the
            // Identity user type it presumably carries fields such as the password hash; confirm
            // and return only the fields the client needs.
            response.user1 = signedInUser;

            return response;
        }
Ejemplo n.º 3
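 /// <summary>
 /// Performs basic user authentication by looking the credentials up through
 /// <c>service.loginSearch</c>.
 /// </summary>
 /// <param name="_userName">Login name passed to the lookup.</param>
 /// <param name="_userPWD">Password passed to the lookup exactly as received.</param>
 /// <returns>A model carrying the matched user name and <c>HandShake</c> = "1".</returns>
 /// <exception cref="ExceptionDefines.UserNotFoundEx">No row matched the credentials.</exception>
 /// <exception cref="ExceptionDefines.InternalErrorEx">More than one row matched.</exception>
 public LoginReturnModel userLogin(string _userName, string _userPWD)
 {
     // NOTE(review): the password goes into the lookup as received, which suggests it is
     // compared inside the query against a stored value. Confirm that loginSearch uses a
     // parameterized query and that the stored value is a salted password hash.
     DataTable queryResult = service.loginSearch(_userName, _userPWD);
     int matches = queryResult.Rows.Count;

     if (matches == 0)
     {
         throw new ExceptionDefines.UserNotFoundEx();
     }

     if (matches != 1)
     {
         // Several rows for one credential pair means the data is inconsistent.
         throw new ExceptionDefines.InternalErrorEx();
     }

     // The former catch block only did "throw ex;", which rethrows the same exception but
     // resets its stack trace; without it both exception types propagate unchanged.
     return new LoginReturnModel
     {
         UserName  = queryResult.Rows[0].Field<string>("UserName"),
         HandShake = "1"
     };
 }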
Ejemplo n.º 4
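        /// <summary>
        /// Logs a user in by account number and password.
        /// </summary>
        /// <param name="userId">Account number.</param>
        /// <param name="passWord">Password.</param>
        /// <returns>
        /// A <c>RetJsonModel</c> with <c>status</c> = 1 and the user info in <c>data</c> on success,
        /// or <c>status</c> = 0 and an explanatory <c>msg</c> when the account is not found or the
        /// password does not match.
        /// </returns>
        public RetJsonModel Login(string userId, string passWord)
        {
            var db = DBContext.GetInstance;

            // The former try/catch only did "throw ex;", which resets the stack trace; exceptions
            // now propagate unchanged.
            DateTime now = db.GetDate();

            // JSON entity returned to the front end
            RetJsonModel jsonModel = new RetJsonModel();
            jsonModel.time = FunctionHelper.GetTimestamp();

            var data = db.Queryable<SYS_USER_ACCOUNT, SYS_USER_INFO>((a, b) => new object[] {
                JoinType.Left, a.ID == b.USER_ID && a.STATE == b.STATE
            }).Where((a, b) => a.ACCOUNT_NUMBER == userId && a.STATE == "A")
                       .Select((a, b) => new
            {
                a.ID,
                a.PASSWORD,
                b.NICK_NAME
            }).First();

            // NOTE(review): the two failure messages below tell the caller whether an account
            // number exists; consider a single generic message for both cases.
            if (data == null)
            {
                jsonModel.status = 0;
                jsonModel.msg    = "账号不存在,请重试";
                return jsonModel;
            }

            // An empty or null password never authenticates; without this guard a null argument
            // would compare equal to a null PASSWORD column.
            // NOTE(review): the stored PASSWORD column is compared directly with the submitted
            // password, i.e. passwords are stored as submitted. They should be stored as salted
            // hashes and verified with a constant-time comparison; that change has to be made
            // together with the code that writes the column.
            if (string.IsNullOrEmpty(passWord) || data.PASSWORD != passWord)
            {
                jsonModel.status = 0;
                jsonModel.msg    = "密码错误,请重试";
                return jsonModel;
            }

            // Record the successful login on the account row.
            db.Updateable<SYS_USER_ACCOUNT>().SetColumns(x => new SYS_USER_ACCOUNT()
            {
                STATUS            = 1,
                DATETIME_MODIFIED = now
            }).Where(x => x.ID == data.ID).ExecuteCommand();

            LoginReturnModel lrm = new LoginReturnModel();
            lrm.user_info = new UserInfoReturnModel
            {
                USER_ID   = data.ID,
                NiCK_NAME = data.NICK_NAME
            };
            jsonModel.status = 1;
            jsonModel.msg    = "登录成功";
            jsonModel.data   = lrm;

            return jsonModel;
        }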
Ejemplo n.º 5
        /// <summary>
        /// Builds the message shown for a failed login.
        /// </summary>
        /// <param name="loginCustomer">Result of the login attempt; <c>null</c> means it failed.</param>
        /// <returns>
        /// A generic "incorrect credentials" message when <paramref name="loginCustomer"/> is
        /// <c>null</c>, otherwise an empty string. The message does not say which of the two
        /// fields was wrong.
        /// </returns>
        public string loginErrorMessage(LoginReturnModel loginCustomer)
        {
            return loginCustomer == null ? "Username or password is incorrect" : "";
        }
Ejemplo n.º 6
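        /// <summary>
        /// Signs the user in with the posted e-mail and password and returns a token, the user
        /// id, the role names and the id of the first customer linked to the user.
        /// </summary>
        /// <param name="userDTO">Credentials posted in the request body.</param>
        /// <returns>
        /// 200 with a <c>LoginReturnModel</c> on success (<c>CustomerId</c> is -1 when no customer
        /// is linked); 401 with no body when the payload is missing or the sign-in fails.
        /// </returns>
        public async Task<IActionResult> Login([FromBody] AppUserDTO userDTO)
        {
            if (userDTO == null)
            {
                return Unauthorized();
            }

            var email    = userDTO.Email;
            var password = userDTO.Password;
            // Kept from the original; the result is not used in this method.
            var location = GetControllerActionNames();

            // NOTE(review): the last argument is lockoutOnFailure = false, so failed attempts do
            // not count towards account lockout; confirm guessing is throttled elsewhere.
            var result = await _signInManager.PasswordSignInAsync(email, password, false, false);

            if (!result.Succeeded)
            {
                // The 401 carries no body: echoing userDTO would send the submitted password
                // back in the response, where proxies, logs or client tooling can record it.
                return Unauthorized();
            }

            var user = await _userManager.FindByNameAsync(email);
            if (user == null)
            {
                // Defensive: the sign-in succeeded but the lookup by name found nobody.
                return Unauthorized();
            }

            // Get the client id: the first customer linked to the user, or -1 when there is none.
            var customers = await _userData.GetCustomerbyUserId(user.Id);

            int customerId = -1;
            if (customers != null && customers.Any())
            {
                customerId = customers.First().Id;
            }

            var tokenstring = await GenerateJSONToken(user, customerId);

            // GetRolesAsync already yields the names, so they are copied as they are.
            var userRoleIds = await _userManager.GetRolesAsync(user);

            List<string> roleNames = new List<string>();
            foreach (string roleId in userRoleIds)
            {
                roleNames.Add(roleId);
            }

            LoginReturnModel loginReturn = new LoginReturnModel()
            {
                UserId     = user.Id,
                Token      = tokenstring,
                RoleNames  = roleNames,
                CustomerId = customerId,
            };
            return Ok(loginReturn);
        }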
Ejemplo n.º 7
        /// <summary>
        /// Validates the submitted credentials, looks the customer up and issues a token.
        /// </summary>
        /// <param name="loginCustomer">
        /// Submitted user name and password. Its <c>Password</c> is overwritten with the result
        /// of <c>passwordToHashPass</c> before the lookup.
        /// </param>
        /// <returns>
        /// The customer together with a generated token, or <c>null</c> when the lookup yields
        /// what <c>isEmptyCustomer</c> treats as empty.
        /// </returns>
        /// <exception cref="ArgumentException">
        /// The model is empty, or it fails validation; in the second case <c>Data["errors"]</c>
        /// holds a <c>LoginCustomer</c> whose fields carry the per-field error messages.
        /// </exception>
        public LoginReturnModel Login(LoginCustomer loginCustomer)
        {
            if (isLoginModelEmpty(loginCustomer))
            {
                throw new ArgumentException("Arguments are not valid.");
            }

            if (!isLoginCustomerValid(loginCustomer))
            {
                string passwordError = errorPasswordMessage(loginCustomer.Password);
                string usernameError = errorUsernameMessage(loginCustomer.Username);

                // The per-field messages travel in the exception's Data dictionary, packed into
                // a LoginCustomer that is used purely as a carrier.
                var fieldErrors = new ArgumentException
                {
                    Data =
                    {
                        {
                            "errors",
                            new LoginCustomer()
                            {
                                Password = passwordError,
                                Username = usernameError
                            }
                        }
                    }
                };
                throw fieldErrors;
            }

            // NOTE(review): the password is transformed and the customer is then looked up with
            // it. Presumably the DAL matches on the transformed value, which only works with a
            // deterministic (unsalted) hash; confirm, and prefer a salted password hash that is
            // verified after loading the record by user name.
            loginCustomer.Password = passwordToHashPass(loginCustomer.Password);

            // NOTE(review): .Result blocks the calling thread on the asynchronous lookup and
            // wraps failures in AggregateException.
            Customer customer = _customersDal.FindCustomerAsync(loginCustomer).Result;

            if (isEmptyCustomer(customer))
            {
                return null;
            }

            string token = generateToken(customer);
            return new LoginReturnModel
            {
                Customer = customer,
                Token    = token
            };
        }
Ejemplo n.º 8
        /// <summary>
        /// HTTP entry point for customer login; delegates to <c>_customersLogic.Login</c>.
        /// </summary>
        /// <param name="loginCustomer">Credentials posted in the request body.</param>
        /// <returns>
        /// 200 with the login result, 401 with a <c>message</c> when the logic returns
        /// <c>null</c>, or 400 carrying the exception's <c>Data</c> when anything throws.
        /// </returns>
        public IActionResult Login([FromBody] LoginCustomer loginCustomer)
        {
            try
            {
                LoginReturnModel loginResult = _customersLogic.Login(loginCustomer);

                if (loginResult != null)
                {
                    return Ok(loginResult);
                }

                // loginResult is null here, so the helper is asked for the failure message.
                return Unauthorized(new { message = _customersLogic.loginErrorMessage(loginResult) });
            }
            catch (Exception failure)
            {
                // NOTE(review): every exception type ends up here, so a server-side failure is
                // reported to the client as a 400 and nothing is logged. Consider catching only
                // the validation exception and letting other failures surface as server errors.
                return BadRequest(failure.Data);
            }
        }
Ejemplo n.º 9
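        /// <summary>
        /// Registers a new account and creates its default profile row.
        /// </summary>
        /// <param name="userId">Account number.</param>
        /// <param name="passWord">Password.</param>
        /// <returns>
        /// A <c>RetJsonModel</c> with <c>status</c> = 1 and the new user's info in <c>data</c>, or
        /// <c>status</c> = 0 and a message when the account number is already taken.
        /// </returns>
        public RetJsonModel Register(string userId, string passWord)
        {
            var db = DBContext.GetInstance;

            try
            {
                DateTime now = db.GetDate();

                // JSON entity returned to the front end
                RetJsonModel jsonModel = new RetJsonModel();
                int          timestamp = FunctionHelper.GetTimestamp();
                jsonModel.time = timestamp;

                // Check whether the account already exists.
                // NOTE(review): this check runs before the transaction starts, so two concurrent
                // registrations for the same account number can both pass it; confirm the column
                // has a unique constraint.
                var data = db.Queryable<SYS_USER_ACCOUNT>()
                           .Where(x => x.ACCOUNT_NUMBER == userId)
                           .First();
                if (data == null)
                {
                    db.Ado.BeginTran();

                    // Insert a record into the account table.
                    SYS_USER_ACCOUNT model = new SYS_USER_ACCOUNT();
                    model.ID = System.Guid.NewGuid().ToString();
                    model.DATETIME_CREATED = now;
                    model.STATE            = "A";
                    model.ACCOUNT_NUMBER   = userId;
                    // NOTE(review): the password is stored exactly as submitted, and empty values
                    // are accepted. It should be stored as a salted password hash; that change
                    // has to be made together with the code that verifies it at login.
                    model.PASSWORD         = passWord;
                    model.TIMESTAMP_INT    = timestamp;
                    model.STATUS           = 1;
                    db.Insertable(model).ExecuteCommand();

                    // On registration a default row is inserted into the user profile table.
                    // Draw random nicknames until one is not used by any active profile.
                    bool   isUnique;
                    string nickName;
                    do
                    {
                        nickName = FunctionHelper.GetRandomString(8, true, false, true, false, "");
                        int count = db.Queryable<SYS_USER_INFO>().Where(x => x.NICK_NAME == nickName && x.STATE == "A").Count();
                        isUnique = count == 0;
                    } while (!isUnique);

                    SYS_USER_INFO uInfoModel = new SYS_USER_INFO();
                    uInfoModel.ID = System.Guid.NewGuid().ToString();
                    uInfoModel.DATETIME_CREATED = now;
                    uInfoModel.STATE            = "A";
                    uInfoModel.TIMESTAMP_INT    = timestamp;
                    uInfoModel.USER_ID          = model.ID;
                    uInfoModel.NICK_NAME        = nickName;
                    db.Insertable(uInfoModel).ExecuteCommand();

                    LoginReturnModel lrm = new LoginReturnModel();
                    lrm.user_info = new UserInfoReturnModel
                    {
                        USER_ID   = model.ID,
                        NiCK_NAME = uInfoModel.NICK_NAME
                    };
                    jsonModel.status = 1;
                    jsonModel.msg    = "注册成功";
                    jsonModel.data   = lrm;

                    db.Ado.CommitTran();
                }
                else
                {
                    jsonModel.status = 0;
                    jsonModel.msg    = "账号已存在,请重新输入";
                }
                return jsonModel;
            }
            catch (Exception)
            {
                db.Ado.RollbackTran();
                // "throw;" keeps the original stack trace; "throw ex;" reset it.
                throw;
            }
        }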
Ejemplo n.º 10
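        /// <summary>
        /// Authenticates a user name/password pair and returns a token on success.
        /// </summary>
        /// <param name="login">Submitted user name and password.</param>
        /// <returns>
        /// Always an HTTP 200 result: the temporary-password model when one exists for the login,
        /// otherwise a <c>LoginReturnModel</c> whose <c>Code</c> is "success" or "error".
        /// </returns>
        public IHttpActionResult Authenticate(LoginRequest login)
        {
            LoginReturnModel loginReturnModel = new LoginReturnModel();

            try
            {
                // Invariant lower-casing: ToLower() follows the server's current culture, so the
                // same user name could normalise differently from one host to another.
                LoginRequest loginrequest = new LoginRequest
                {
                    Username = login.Username.ToLowerInvariant(),
                    Password = login.Password
                };

                // If this is a temporary password, return the temporary login info.
                // NOTE(review): this returns before IsValidLogin runs and the response model has
                // a TemporaryPassword field; confirm the helper verifies the submitted password
                // and that the temporary password is not disclosed to an unauthenticated caller.
                TemporaryPasswordModel temporaryPasswordModel = GetTemporaryPasswordByLoginId(login);
                if (temporaryPasswordModel != null && temporaryPasswordModel.LoginId != null && temporaryPasswordModel.TemporaryPassword != null)
                {
                    return Ok<TemporaryPasswordModel>(temporaryPasswordModel);
                }

                // The unused LoginResponse, HttpResponseMessage (never disposed) and placeholder
                // TemporaryPasswordModel instances of the original were dropped.
                bool   isUsernamePasswordValid = IsValidLogin(loginrequest.Username, loginrequest.Password);
                Int32  systemUserId            = GetSystemUserIdFromLogin(loginrequest.Username);
                String role                    = GetRole(loginrequest.Username);

                if (isUsernamePasswordValid)
                {
                    // Credentials are valid: return the token.
                    string token = createToken(loginrequest.Username);
                    loginReturnModel.Code         = "success";
                    loginReturnModel.Message      = "The login was successful";
                    loginReturnModel.Token        = token;
                    loginReturnModel.SystemUserId = systemUserId;
                    loginReturnModel.Role         = role;
                    return Ok<LoginReturnModel>(loginReturnModel);
                }

                // NOTE(review): a failed login is also answered with HTTP 200, so status-based
                // monitoring and throttling will not see failures; nothing here limits attempts.
                loginReturnModel.Code         = "error";
                loginReturnModel.Message      = "The login was unsuccessful";
                loginReturnModel.Token        = "";
                loginReturnModel.SystemUserId = -1;
                loginReturnModel.Role         = "";
                return Ok<LoginReturnModel>(loginReturnModel);
            }
            catch (Exception ex)
            {
                // Only the message is recorded; the client gets the same generic failure as for
                // wrong credentials.
                ExceptionModel.SaveException(ex.Message, System.Reflection.MethodBase.GetCurrentMethod().DeclaringType.ToString(), System.Reflection.MethodInfo.GetCurrentMethod().Name);
                loginReturnModel.Code    = "error";
                loginReturnModel.Message = "The login was unsuccessful";
                loginReturnModel.Token   = "";
                return Ok<LoginReturnModel>(loginReturnModel);
            }
        }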
Ejemplo n.º 11
        /// <summary>
        /// Signs the user in, determines the user type and requests an access token from the
        /// token endpoint found through discovery.
        /// </summary>
        /// <param name="email">E-mail used to find the user, to sign in and to request the token.</param>
        /// <param name="password">Password used to sign in and to request the token.</param>
        /// <returns>
        /// A <c>JsonResult</c> wrapping a <c>LoginReturnModel</c>: the populated model with
        /// <c>result</c> = true on success, otherwise a model built from <c>false</c> and a message.
        /// </returns>
        public async Task<JsonResult> Login(string email, string password)
        {
            // Open question from the author: is a "remember me" parameter needed?
            var user = await _userManager.FindByEmailAsync(email);

            // NOTE(review): "user does not exist" and "login failed" are different messages, so
            // the response tells the caller whether an e-mail is registered.
            if (user == null)
            {
                return new JsonResult(new LoginReturnModel(false, "用户不存在"));
            }

            // "Remember me" is false for now; to be confirmed later.
            // NOTE(review): lockoutOnFailure is false, so failures here are not counted towards
            // lockout even though IsLockedOut is checked below.
            var result = await _signInManager.PasswordSignInAsync(email, password, false, lockoutOnFailure: false);

            if (!result.Succeeded)
            {
                if (result.IsLockedOut)
                {
                    return new JsonResult(new LoginReturnModel(false, "用户账户已被锁定"));
                }

                return new JsonResult(new LoginReturnModel(false, "登录失败"));
            }

            // Collect the user's id, name and type.
            var data = new LoginReturnModel();
            data.userId = await _userManager.GetUserIdAsync(user);

            data.userName = await _userManager.GetUserNameAsync(user);

            bool userInAdmin = await _userManager.IsInRoleAsync(user, "Admin");

            bool userInUser = await _userManager.IsInRoleAsync(user, "User");

            // Not rigorous: 1 = admin, 0 = user, 2 = neither. The value 2 exists because some
            // early users were added without a role and can be removed later.
            data.userType = userInAdmin ? 1 : (userInUser ? 0 : 2);

            // Get the access token.
            // ----------------------------------------------------------------
            // For a production release the authority below must be changed so that a correct
            // token is obtained.
            // NOTE(review): the authority is a hard-coded plain-HTTP URL; it should come from
            // configuration and use HTTPS outside local development.
            // ----------------------------------------------------------------
            var disco = await DiscoveryClient.GetAsync("http://localhost:5000");

            if (disco.IsError)
            {
                return new JsonResult(new LoginReturnModel(false, "DescoveryClient fail"));
            }

            // The API list is hard-coded for now; whether other APIs must be included, or how the
            // interface can be customised, is still open. The scope has to match the client
            // defined in the database; tokens are issued through this one client.
            // NOTE(review): the client id and client secret are literals in source. Load them
            // from configuration or a secret store and rotate the committed value.
            var tokenClient   = new TokenClient(disco.TokenEndpoint, "Baidu API", "BaiduSecret");
            var tokenResponse = await tokenClient.RequestResourceOwnerPasswordAsync(email, password, "Api1 Api2");

            if (tokenResponse.IsError)
            {
                return new JsonResult(new LoginReturnModel(false, "令牌生成错误"));
            }

            if (tokenResponse.AccessToken == null)
            {
                return new JsonResult(new LoginReturnModel(false, "令牌生成失败"));
            }

            data.access_Token = tokenResponse.AccessToken;
            data.result = true;

            // data carries neither the token's expiry time nor a refresh token.
            return new JsonResult(data);
        }